FORM 2
THE PATENTS ACT, 1970
(39 of 1970)
&
THE PATENT RULES, 2003
COMPLETE SPECIFICATION (See Section 10 and Rule 13)
Title of invention:
TITLE
METHOD AND SYSTEM VALIDATING SECURITY RIGHTS
OF STREAMING VIDEOS ON INTERNET ENABLED DEVICES
Applicant
Tata Consultancy Services Limited A company Incorporated in India under the Companies Act, 1956
Having address:
Nirmal Building, 9th floor,
Nariman point, Mumbai 400021,
Maharashtra, India
Preamble to the description
The following specification particularly describes the invention and the manner in which it is to be performed.

CROSS-REFERENCE TO RELATED APPLICATIONS AND PRIORITY
[001] The present application claims priority from Indian provisional application no. 201921042205, filed on October 17, 2019. The entire contents of the aforementioned application are incorporated herein by reference.
TECHNICAL FIELD
[002] The disclosure herein generally relates to the field of video streaming, and, more particularly, to method and system for validating security rights of streaming videos on internet enabled devices.
BACKGROUND
[003] With advancement in technology, proliferation of high-speed internet services, mass adoption of smart phones and internet enabled smart devices has led to a meteoritic rise in video streaming services around the globe. Distribution of entertainment programs is now witnessing a gradual transition for digital content, as the digital content may be copied without authorization. Conventionally, licensing models for conditional access are limited to a one-time viewing model. However, for new streaming models like Over-the-Top (OTT) services numerous video streaming applications are getting launched due to recent development. Further, growing popularity of video streaming applications face constant challenges for securing content rights across the video streaming value chain.
[004] In recent trends, due to pirated content, millions of internet videos get streamed on various consumer devices affecting cyber security. Further, risks of cyber security breaches, online piracy, video application hacking, pose considerable challenge for the entire video streaming industry. Further, for reducing complexity imminent security threats, global streaming players becomes incumbent for the video content creators, aggregators and distributors to adopt secured application development methodologies with low cost security testing techniques. Hence, there is a great demand for protecting digital video assets from illegal and unauthorized access due to traditional quality assurance (QA) and conventional security testing techniques like pen testing, vulnerability assessment and thereof.

[005] Most of the conventional techniques provide solutions for commercial cyber security suite for ensuring cyber security across the video delivery value chain. However, these techniques are extremely expensive and requires specialized skilled resources and limits in providing free cyber security solutions applicable to video applications on end-user app-level validations. Therefore, these methods lack in providing end to end validation techniques to protect streaming video content against illegal copying, illegal downloading and rampant piracy.
SUMMARY
[006] Embodiments of the present disclosure present technological improvements as solutions to one or more of the above-mentioned technical problems recognized by the inventors in conventional systems. For example, in one embodiment,
the method includes to receive, a plurality of video files comprising a plurality of encrypted streaming packets, wherein, the plurality of video files obtained from external sources comprising one or more video server. Each streaming packet is encrypted prior to play back on internet enabled streaming devices. Further, the method analyzes each encrypted streaming packet associated with each video file, to extract a manifest file for generating digital rights management test scripts. Further, dynamically generating digital rights management test script for each manifest file among the plurality of manifest files configured to a digital rights management engine using a video streaming workload technique. Here, the digital rights management engine and a test script recorder is initialized and processing each video file into the digital rights management engine. Further, a unique content key is assigned for each video file. Further, configuring, for each video file an authorization policy and an asset delivery policy and generate, for each video file, a total number of manifest files based on the configured authorization policy and the asset delivery policy. The plurality of aggregator parameters comprises the video file, the total number of generated manifest files and the total number of emulator videos. Here, initializing, a driver script and the total number of emulators and for each manifest file of each video file executing, the digital rights

management engine comprising the generated digital rights management test scripts on each video file and computing, the aggregator level video metrics for determining the streaming bit rate with corresponding file size based on the product of each video file, the total number of generated manifest files and the total number of emulator videos.
[007] Further, validate security rights of each manifest file by executing the dynamically generated digital rights management test scripts on each video file utilizing a security rights validation mode comprising a digital rights management mode and a high definition content protection (HDCP). In one embodiment, the validation of each manifest file using the digital rights management mode comprises computing an aggregator level video metrics at aggregator level to determine streaming bit rate with corresponding file size based on a plurality of aggregator parameters and by computing a device level video metrics at device level to determine streaming bit rate with corresponding file size based on a plurality of device parameters and calculating, an average bit rate and an average file size for comparing the aggregator level video metrics with the device level video metrics. Further, initializing, the total number of devices, the browser, the player and the driver script; and for each manifest file of each video file, execute, the digital rights management engine comprising the generated digital rights management test scripts on each video file and compute, the aggregator level video metrics for determining the streaming bit rate with corresponding file size based on the product of each video file, a total number of devices, a browsers, a players and a driver script. The plurality of device parameters comprises the video file, the total number of devices, the total number browser, the total number players and the driver script.
[008] In one embodiment, the validation of each manifest file using the high definition content protection (HDCP) mode comprises computing, an high definition content protection video metrics comprising a streaming bit rate with its corresponding video file size based on a plurality of high definition content protection (HDCP) compliant streaming devices and a plurality of high definition content protection non-compliant streaming devices and calculating, the average bit

rate and the average file size for comparing the high definition content protection (HDCP) video metrics at the streaming video device level. Further initializing, the driver script and a high definition content protection (HDCP) decryptor and then randomize each video file and for each manifest file of each video file. Execute, the digital rights management engine comprising the generated digital rights management test scripts on each video file; and compute, the high definition content protection (HDCP) video metrics for determining the streaming bit rate with its corresponding file size based on the product of each video file and the total number of manifest files.
[009] In another aspect, a system for validating security rights of streaming video on internet enabled devices is provided. The system includes a processor, an Input/output (I/O) interface and a memory coupled to the processor is capable of executing programmed instructions stored in the processor in the memory to receive, a plurality of video files comprising a plurality of encrypted streaming packets, wherein, the plurality of video files obtained from external sources comprising one or more video server. Each streaming packet is encrypted prior to play back on internet enabled streaming devices. Further, the method analyzes each encrypted streaming packet associated with each video file, to extract a manifest file for generating digital rights management test scripts. Further, dynamically generating digital rights management test script for each manifest file among the plurality of manifest files configured to a digital rights management engine using a video streaming workload technique. Here, the digital rights management engine and a test script recorder is initialized and processing each video file into the digital rights management engine. Further, a unique content key is assigned for each video file. Further, configuring, for each video file an authorization policy and an asset delivery policy and generate, for each video file, a total number of manifest files based on the configured authorization policy and the asset delivery policy. The plurality of aggregator parameters comprises the video file, the total number of generated manifest files and the total number of emulator videos. Here, initializing, a driver script and the total number of emulators and for each manifest file of each video file executing, the digital rights management engine comprising the generated

digital rights management test scripts on each video file and computing, the aggregator level video metrics for determining the streaming bit rate with corresponding file size based on the product of each video file, the total number of generated manifest files and the total number of emulator videos.
[010] Further, validate security rights of each manifest file by executing the dynamically generated digital rights management test scripts on each video file utilizing a security rights validation mode comprising a digital rights management mode and a high definition content protection (HDCP). In one embodiment, the validation of each manifest file using the digital rights management mode comprises computing an aggregator level video metrics at aggregator level to determine streaming bit rate with corresponding file size based on a plurality of aggregator parameters and by computing a device level video metrics at device level to determine streaming bit rate with corresponding file size based on a plurality of device parameters and calculating, an average bit rate and an average file size for comparing the aggregator level video metrics with the device level video metrics. Further, initializing, the total number of devices, the browser, the player and the driver script; and for each manifest file of each video file, execute, the digital rights management engine comprising the generated digital rights management test scripts on each video file and compute, the aggregator level video metrics for determining the streaming bit rate with corresponding file size based on the product of each video file, a total number of devices, a browsers, a players and a driver script. The plurality of device parameters comprises the video file, the total number of devices, the total number browser, the total number players and the driver script.
[011] In one embodiment, the validation of each manifest file using the high definition content protection (HDCP) mode comprises computing, an high definition content protection video metrics comprising a streaming bit rate with its corresponding video file size based on a plurality of high definition content protection (HDCP) compliant streaming devices and a plurality of high definition content protection non-compliant streaming devices and calculating, the average bit rate and the average file size for comparing the high definition content protection

(HDCP) video metrics at the streaming video device level. Further initializing, the driver script and a high definition content protection (HDCP) decryptor and then randomize each video file and for each manifest file of each video file. Execute, the digital rights management engine comprising the generated digital rights management test scripts on each video file; and compute, the high definition content protection (HDCP) video metrics for determining the streaming bit rate with its corresponding file size based on the product of each video file and the total number of manifest files.
[012] In yet another aspect, a non-transitory computer readable medium for executing a method for validating security rights of streaming video on internet enabled devices is provided. The method includes to receive, a receive, a plurality of video files comprising a plurality of encrypted streaming packets, wherein, the plurality of video files obtained from external sources comprising one or more video server. Each streaming packet is encrypted prior to play back on internet enabled streaming devices. Further, the method analyzes each encrypted streaming packet associated with each video file, to extract a manifest file for generating digital rights management test scripts. Further, dynamically generating digital rights management test script for each manifest file among the plurality of manifest files configured to a digital rights management engine using a video streaming workload technique. Here, the digital rights management engine and a test script recorder is initialized and processing each video file into the digital rights management engine. Further, a unique content key is assigned for each video file. Further, configuring, for each video file an authorization policy and an asset delivery policy and generate, for each video file, a total number of manifest files based on the configured authorization policy and the asset delivery policy. The plurality of aggregator parameters comprises the video file, the total number of generated manifest files and the total number of emulator videos. Here, initializing, a driver script and the total number of emulators and for each manifest file of each video file executing, the digital rights management engine comprising the generated digital rights management test scripts on each video file and computing, the aggregator level video metrics for determining the streaming bit rate with corresponding file size

based on the product of each video file, the total number of generated manifest files and the total number of emulator videos.
[013] Further, validate security rights of each manifest file by executing the dynamically generated digital rights management test scripts on each video file utilizing a security rights validation mode comprising a digital rights management mode and a high definition content protection (HDCP). In one embodiment, the validation of each manifest file using the digital rights management mode comprises computing an aggregator level video metrics at aggregator level to determine streaming bit rate with corresponding file size based on a plurality of aggregator parameters and by computing a device level video metrics at device level to determine streaming bit rate with corresponding file size based on a plurality of device parameters and calculating, an average bit rate and an average file size for comparing the aggregator level video metrics with the device level video metrics. Further, initializing, the total number of devices, the browser, the player and the driver script; and for each manifest file of each video file, execute, the digital rights management engine comprising the generated digital rights management test scripts on each video file and compute, the aggregator level video metrics for determining the streaming bit rate with corresponding file size based on the product of each video file, a total number of devices, a browsers, a players and a driver script. The plurality of device parameters comprises the video file, the total number of devices, the total number browser, the total number players and the driver script.
[014] In one embodiment, the validation of each manifest file using the high definition content protection (HDCP) mode comprises computing, an high definition content protection video metrics comprising a streaming bit rate with its corresponding video file size based on a plurality of high definition content protection (HDCP) compliant streaming devices and a plurality of high definition content protection non-compliant streaming devices and calculating, the average bit rate and the average file size for comparing the high definition content protection (HDCP) video metrics at the streaming video device level. Further initializing, the driver script and a high definition content protection (HDCP) decryptor and then

randomize each video file and for each manifest file of each video file. Execute, the digital rights management engine comprising the generated digital rights management test scripts on each video file; and compute, the high definition content protection (HDCP) video metrics for determining the streaming bit rate with its corresponding file size based on the product of each video file and the total number of manifest files.
[015] It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the invention, as claimed.
BRIEF DESCRIPTION OF THE DRAWINGS
[016] The accompanying drawings, which are incorporated in and constitute a part of this disclosure, illustrate exemplary embodiments and, together with the description, serve to explain the disclosed principles:
[017] FIG.1 illustrates an exemplary block of a system, alternatively referred as security rights validation system, in accordance with some embodiments of the present disclosure.
[018] FIG. 2 is a functional block diagram of the system of FIG.1 for validating security rights of streaming video file, in accordance with some embodiments of the present disclosure.
[019] FIG. 3 is a flow diagram illustrating a method for validating security rights of streaming video file using the system of FIG. 1, in accordance with some embodiments of the present disclosure.
[020] FIG. 4 depicts a graphical representation of digital rights management (DRM) test scripts using the system of FIG.1, in accordance with some embodiments of the present disclosure.
[021] FIG. 5 depicts a graphical representation of high definition content protocol (HDCP) using the system of FIG.1, in accordance with some embodiments of the present disclosure.
[022] FIG.6A and 6B depicts a use case example illustrating playback on television (TV) through high definition content protocol (HDCP) for validating

security rights of streaming videos using the system of FIG.1, in accordance with some embodiments of the present disclosure.
DETAILED DESCRIPTION OF EMBODIMENTS
[023] Exemplary embodiments are described with reference to the accompanying drawings. In the figures, the left-most digit(s) of a reference number identifies the figure in which the reference number first appears. Wherever convenient, the same reference numbers are used throughout the drawings to refer to the same or like parts. While examples and features of disclosed principles are described herein, modifications, adaptations, and other implementations are possible without departing from the scope of the disclosed embodiments. It is intended that the following detailed description be considered as exemplary only, with the true scope being indicated by the following claims.
[024] The embodiments herein provide a method and a system, for validating security rights of streaming video files on internet enabled devices. The method disclosed herein, protects streaming video content against illegal copying, illegal downloading and rampant piracy, providing an additional layer of security in the form of digital rights management (DRM) encryption. This hybrid methodology covers all phases on video streaming value chain, from origin to playback thereby achieving maximum test coverage across multiple playback devices under multiple workload conditions and deploys real world like conditions including latency, delay and concurrency. The method disclosed herein, enables in providing validation solutions to detect security vulnerabilities early in the video delivery value chain i.e. acquisition and aggregation stage and paper sets a unique concurrent user workload for real world scenarios during video security tests. Further the present disclosure correlates critical security metrics relevant to video streaming domain with key video quality parameters like bitrate, lag time etc.
[025] The method disclosed herein is a unique model which blends the current practices using free and commercial grade security testing tools and leverages powerful automated scripting techniques to not only provide high coverage at the end user level, but also detect and prevent security violations early in the video streaming value chain. Automated DRM validation and automated

security tests for HDCP compliance are integral part of our proposed framework. The proposed technique is an automation framework having due weightage to the video streaming workload (VSW) emanating from various end user devices like mobiles, laptops or the various multi-media streaming.
[026] Referring now to the drawings, and more particularly to FIG. 1 through FIG. 5, where similar reference characters denote corresponding features consistently throughout the figures, there are shown preferred embodiments and these embodiments are described in the context of the following exemplary system and/or method.
[027] FIG.1 illustrates an exemplary block of a system, alternatively referred as security rights validation system, in accordance with some embodiments of the present disclosure. In an embodiment, the system 100 includes processor (s) 104, communication interface (s), alternatively referred as or input/output (I/O) interface(s) 106, and one or more data storage devices or memory 102 operatively coupled to the processor (s) 104. The processor (s) 104 may be alternatively referred as one or more hardware processors. In an embodiment, the hardware processors can be implemented as one or more microprocessors, microcomputers, microcontrollers, digital signal processors, central processing units, state machines, logic circuitries, and/or any devices that manipulate signals based on operational instructions. Among other capabilities, the processor(s) 104 is configured to fetch and execute computer-readable instructions stored in the memory. In an embodiment, the system 100 can be implemented in a variety of computing systems, such as laptop computers, notebooks, hand-held devices, workstations, mainframe computers, servers, a network cloud and the like.
[028] The I/O interface(s) 106 can include a variety of software and hardware interfaces, for example, a web interface, a graphical user interface, and the like and can facilitate multiple communications within a wide variety of networks N/W and protocol types, including wired networks, for example, LAN, cable, etc., and wireless networks, such as WLAN, cellular, or satellite. In an embodiment, the I/O interface device(s) can include one or more ports for

connecting a number of devices to one another or to another server or a centralized data lake used as source of input data by the system 100.
[029] The memory 102 may include any computer-readable medium known in the art including, for example, volatile memory, such as static random access memory (SRAM) and dynamic random access memory (DRAM), and/or non-volatile memory, such as read only memory (ROM), erasable programmable ROM, flash memories, hard disks, optical disks, and magnetic tapes. The memory 102 further may include modules 108. In an embodiment, the modules 108 includes a security rights validation module 110, for implementing functions of the system 100. In an embodiment, the modules 108 can be an Integrated Circuit (IC) (not shown), external to the memory 102, implemented using a Field-Programmable Gate Array (FPGA) or an Application-Specific Integrated Circuit (ASIC). The names (or expressions or terms) of the modules of functional block within the modules 108 referred herein, are used for explanation and are not construed to be limitation(s). Further, the memory 102 can also include the repository 112. The memory 102 may further comprise information pertaining to input(s)/output(s) of each step performed by the system 100 and methods of the present disclosure. The system 100 is further explained in detail in conjunction with FIG.2 through FIG.5.
[030] FIG. 2 is a functional block diagram of the system of FIG.1 for validating security rights of streaming video file, in accordance with some embodiments of the present disclosure. In an embodiment, the system 100 includes an input module, a video server module, a video cyber security services module, an encoding and streaming server, a load balancer, a router, a packet sniffer, a high definition content protocol (HDCP) decryptor unit, a bandwidth throttle server, a load generator module, a packet delay generator module, a master controller module, a virtual users module, a multimedia devices module and a database server. The video cyber security services module includes a digital rights management (DRM) encryption server, a digital rights management (DRM) license server and a high definition content protocol (HDCP) token module. The video server module of the system 100 is a high capacity file server configured to the repository 112 for storing the plurality of received video files from external sources. The encoding and

streaming server of the system 100 is configured to provide multiple streaming videos as Video under Test (VUT) wherein VLC/VLS player is used on a high-end server to execute the digital rights management (DRM) test scripts. The packet sniffer of the system 100 is configured to collect packet information during video security tests at video aggregation and acquisition phase of the value chain. The bandwidth throttle server of the system 100 is throttle network bandwidths for various test cycles. The load generator module of the system 100 utilizes open source performance testing tool for virtual user (VU) load. The master controller module of the system 100 is configured to deploy a high end server to orchestrate the entire cyber security tests in a fully automated fashion wherein the master controller also controls, monitors and collates data for all execution activities for various VUTs on various Devices under Test (DUT).The database server of the system 100 is configured for storing all executions and test management information. The router of the system 100 is configured to forward data packets between computer networks. The high definition content protocol (HDCP) decryptor unit of the system 100 is configured for high definition content protocol (HDCP) compliance testing which is a HDMI transceiver. The digital rights management (DRM) license server of the video cyber security services module is configured to add digital rights management (DRM) licenses for the uploaded video files or assets, wherein the digital rights management (DRM) license server generates various manifest files. The virtual user module is configured to include virtual user load.
[031] FIG. 3 is a flow diagram illustrating a method for validating security rights of streaming video file of the system of FIG. 1, in accordance with some embodiments of the present disclosure. The steps of the method 300 of the flow diagram will now be explained with reference to the components or blocks of the system 100 in conjunction with the example architecture of the system as depicted in FIG.3 through FIG.5. In an embodiment, the system 100 comprises one or more data storage devices or the memory 102 operatively coupled to the one or more processors 104 and is configured to store instructions for execution of steps of the method 300 by the one or more processors 104. In an embodiment, the security

rights validation module 110 in the memory 102 stores instructions for execution of steps of the method 300 by the one or more processors 104, for validating security rights of streaming video file. Although process steps, method steps, techniques or the like may be described in a sequential order, such processes, methods and techniques may be configured to work in alternate orders. In other words, any sequence or order of steps that may be described does not necessarily indicate a requirement that the steps be performed in that order. The steps of processes described herein may be performed in any order practical. Further, some steps may be performed simultaneously.
[032] At step 302 of the method 300, the processor 104 is configured to receive, a plurality of video files comprising a plurality of encrypted streaming packets. The plurality of video files are obtained from external sources comprising one or more video server. The external sources include various streaming devices across over the top (OTT) platforms such as YouTube, Netflix, Hotstar and thereof and the plurality of received video files are of huge volume stored in video server. Here, each streaming packet is encrypted prior to play back on internet enabled streaming devices, wherein each streaming packet is encrypted before play back.
[033] At step 304 of the method 300, the processor 104 is configured to analyze, each encrypted streaming packet associated with each video file, extract a manifest file for generating digital rights management test scripts. Here, each encrypted streaming packet associated with each video is analyzed for generating digital rights management test scripts.
[034] At step 306 of the method 300, the processor 104 is configured to dynamically generate, digital rights management test script for each manifest file among the plurality of manifest files configured to the digital rights management engine using a video streaming workload technique. Referring now to FIG.2, the received manifest file is analyzed by initializing, the digital rights management engine and a test script recorder. Further, processing each video file into the digital rights management engine, a unique content key is assigned for each video file. Further, each video file is configured with an authorization policy and an asset delivery policy. Then, a total number of manifest files are generated for each video

file based on the configured authorization policy and the asset delivery policy as depicted below in table 1,
Table 1 - Digital rights management (DRM) test script

[035] At step 308 of the method 300, the processor 104 is configured to validate, security rights of each manifest file by executing dynamically generated digital rights management test scripts on each video file utilizing a security rights validation mode comprising a digital rights management (DRM) mode and a high definition content protection (HDCP). Each manifest file can be validated using either one of the digital rights management mode or the high definition content protection (HDCP) mode as depicted below in table 2.
Table 2 - Digital rights management mode – the aggregator level and the device
level


[036] Referring now to FIG.2 and Table 2, in one embodiment, the validation of each manifest file using the digital rights management mode comprises an aggregator level and a device level. Further, an aggregator level video metrics at aggregator level is computed to determine bit rate with corresponding file size based on a plurality of aggregator parameters. The plurality of aggregator parameters comprises the video file, the total number of generated manifest files and a total number of emulator videos. Further, for the received video file, a driver script and the total number of emulators are initialized and for each manifest file of each video file performing, wherein the digital rights management engine is executed comprising the generated digital rights management test scripts on each video file. Further, the aggregator level video metrics at aggregator level is computed for determining the streaming bit rate with corresponding file size based on the product of each video file, the total number of generated manifest files and the total number of emulator videos.
[037] Further, the device level video metrics at device level, is computed to determine bit rate with corresponding file size based on a plurality of device parameters. Further, to validate the security rights an average bit rate and an average file size is calculated by comparing the aggregator level video metrics with the

device level video metrics. The plurality of device parameters comprises the video file, total number of devices, total number browser, total number players and a driver script. Referring now to Table 3, for the received manifest file, the method initializes, the total number of devices, the browser, the player and the driver script and for each manifest file of each video file, executing the digital rights management engine comprising the generated digital rights management test scripts on each video file. Further, the aggregator level video metrics is computed for determining the streaming bit rate with its corresponding file size based on the product of each video file, the total number of devices, the browsers, the players and the driver script. Further, the average bit rate and the average file size at digital rights management mode is calculated based on the deviation obtained by comparing the aggregator level video metrics with the device level video metrics as mentioned below in table 3,
Table 3 - Digital rights management mode (DRM) calculation

[038] Referring now to FIG.2 and Table 4, In one embodiment, the validation of each manifest file using the high definition control protocol (HDCP) mode by computing, an high definition control protocol (HDCP) video metrics to determine bit rate with corresponding file size based on a plurality of high definition control protocol (HDCP) parameters. The plurality of device parameters comprises the video file, a total number of devices, a browser, a player and a driver script. Further, to validate the security rights an average bit rate and an average file size is calculated by comparing the high definition control protocol (HDCP) video metrics with the device level video metrics.


[039] In one embodiment, the driver script and the high definition content protection (HDCP) decryptor are initialized and then randomize each video file and for each manifest file of each video file, execute, the digital rights management engine comprising the generated digital rights management test scripts on each video file. Further, the high definition content protection (HDCP) video metrics is computed for determining the streaming bit rate with corresponding file size based on the product of each video file and the total number of manifest files. Further, the average bit rate and the average file size at high definition content protection (HDCP) mode is calculated based on the deviation obtained by comparing the high definition content protection (HDCP) video metrics at device level between the compliant and non-compliant high definition content protection (HDCP) video streaming devices.
[040] FIG. 4 depicts a graphical representation of digital rights management (DRM) test scripts using the system of FIG.1, in accordance with some embodiments of the present disclosure. Referring now to FIG.4, from the DRM video cyber security test results for all the given scenarios the key findings observed are as follows. In an embodiment, the plurality of video files are stored in two different video servers for testing various video streaming files, wherein each video file is digital rights management (DRM) encrypted into one or more manifest files before playback on various internet streaming devices. Further, the plurality

of manifest files are created for the plurality of video files and a plurality of different test executions performed on various video streaming workload (VSW), wherein each VSW is executed on multiple devices (DUT), the browsers, the emulators and the media players. The digital rights management (DRM) encrypted video rendered better than the expected average bitrate (263 Kbps) at the aggregator (emulator) level except in one instance. Here, the bitrate dropped due to digital rights management (DRM) playback failure wherein this failure was found to be due to emulator playback issues. Further, an average bitrate for the video file at aggregator (ABR) was found to be 265 Kbps and the test were performed using 3 different emulators. Similarly, the digital rights management (DRM) encrypted video bitrate as measured at the device level also followed the expected bitrate graph except in few instances where bitrate dropped due to DRM playback failure because many players and browsers don’t support DRM encryptions by widevine, fairplay or playready. Further, average bitrate for video at user (ABRvu) was found to be 258 Kbps and the tests were done using plurality of different device, browser and player combinations wherein 3% deviation was noted between ABRva & ABRvu. Further, automated DRM tests at video aggregation level were found be 90 % more effective than digital rights management (DRM) test scripts at device level.
[041] FIG. 5 depicts a graphical representation of high definition content protocol (HDCP) using the system of FIG.1, in accordance with some embodiments of the present disclosure. In an embodiment, for testing HDCP compliance 2 different play-back setups are used wherein television (TV) streaming box is connected to a display device along with streaming card in conjunction with tiny computer to perform the test. Further, from the high definition content protection (HDCP) compliance test results following findings are observed wherein, for test cycles automation engine randomly for the high definition content protection (HDCP) encrypted manifest files for playback on both device setups. Referring now to FIG. 6A and 6B the test cycles video bitrate for video playback setup 2 was high and comparable to the expected video bitrate.
Table 5- shows a list of various hardware components and their features used
for the test environment setup.

Hardware Features
HDCP De-cryptor/HDMI Transmitter and Receiver View HD 1x2 HDMI Splitter
Streaming Video Capture
Card Magewell HDMI to USB 3.0 Converter + Raspberry Pi 3
Video Server 6 Core CPU 2.10 GHz , Xeom 2 processor, 15M Cache, 48 GB RAM
DRM Server Buy DRM/ Video 365 (Evaluation
Version)
Streaming Server 4 Core CPU 2.90 GHz: Core i5 3470 T processor. 16 GB RAM
Bandwidth Throttle Server Oracle VM Virtual-Box Manager . Linux (32-bit) . 4GB RAM
Master Controller./ DB
Server 4 Core CPU 2.90 GHz: Core i5 3470 T processor, 16 GB RAM
Load Generators / Device Host Server 4 Core CPU 2.90 GHz, Core i5 3470 T processor. 16 GB RAM
Packet Delay Generators/Sniffer 2 Core CPU 2.6 GHz. Core i5 processor, S GB RAM
Wifi Router Cisco 702 Series IOS WIRELESS LAN
SmartPhones /Tablets iPad, iPhone 6s, Samsung S2, Samsung S6, Samsung Galaxy Tab S6
ConnectedTV/SetTopBox APPLE TV
Single Board Computer Raspberry Pi-3
Table 6- shows a list of various software components and their features used for the test environment setup.

Software Version
Burp Suite 2.0
Java/JDK 1.7
Python 3.7.0
Pycharm (Community Edition) 2019.1.2

Software Version
Burpp Suite 2.0
VLC/VLS 3.07.1
TCS Wanem 3.0
Fiddler 5.0
Wire shark 3.0.1
AutoIt 3.4.4
JMeter 4.2
PostgreSQL 10.9
Mobizen (Evaluation Version) 3.0.2.28
Tomcat 7.0.12
[042] Further, it can also be noted that while playing high definition content protection (HDCP)-encrypted videos on video playback setup 1, the video bitrate for most of the test cycles is close to zero which proved that the video was not playing on the device setup. However, the measured bitrate from video playback setup 1 was low but not zero for most cases because some components of the video stream includes audio was still rendering on the television (TV) streaming box.
[043] The present disclosure blends the current practices using free and commercial-grade security testing tools and leverages powerful automated scripting techniques to not only provide high coverage at the end user level, but also detect and prevent security violations early in the video streaming value chain. Automated digital rights management (DRM) validation and automated security tests for high definition control protocol (HDCP) compliance are integral part of the proposed disclosure. Further, considering the fact that security testing doesn’t represent the real-world like scenarios in the present disclosure proposes an automation

framework on the video streaming workload (VSW) emanating from various end user devices which includes mobiles, laptops or the various multi-media streaming devices.
[044] The written description describes the subject matter herein to enable any person skilled in the art to make and use the embodiments. The scope of the subject matter embodiments is defined by the claims and may include other modifications that occur to those skilled in the art. Such other modifications are intended to be within the scope of the claims if they have similar elements that do not differ from the literal language of the claims or if they include equivalent elements with insubstantial differences from the literal language of the claims.
[045] The embodiments of present disclosure herein addresses unresolved problem of validating security rights of streaming video files. The embodiment thus provides a method and system for validating security rights of streaming video files on internet enabled streaming devices. Moreover, the embodiments herein further provide a scalable, efficient, secured validation technique for protecting the security rights of streamed video file. This technique focusses on critical aspects of the video streaming domain providing a holistic model enhancing the security rights utilizing digital rights management (DRM) and high definition content protocol (HDCP) concepts. This unique hybrid model leverages power of automation for security tests at the Video Acquisition/Aggregation level and amalgamating the best practices from traditional security tests done at user Video Application level. This hybrid methodology covers all phases on the video streaming value chain, from origin to playback. Therefore, achieving maximum test coverage across multiple playback devices under multiple workload conditions thereby including latency, delay and concurrency. By leveraging high levels of process automation and incorporating a 100% automated test results dashboard, proposed disclosure reduces chances of manual errors to the maximum possibility.
[046] It is to be understood that the scope of the protection is extended to such a program and in addition to a computer-readable means having a message therein; such computer-readable storage means contain program-code means for implementation of one or more steps of the method, when the program runs on a

server or mobile device or any suitable programmable device. The hardware device can be any kind of device which can be programmed including e.g. any kind of computer like a server or a personal computer, or the like, or any combination thereof. The device may also include means which could be e.g. hardware means like e.g. an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA), or a combination of hardware and software means, e.g. an ASIC and an FPGA, or at least one microprocessor and at least one memory with software processing components located therein. Thus, the means can include both hardware means, and software means. The method embodiments described herein could be implemented in hardware and software. The device may also include software means. Alternatively, the embodiments may be implemented on different hardware devices, e.g. using a plurality of CPUs.
[047] The embodiments herein can comprise hardware and software elements. The embodiments that are implemented in software include but are not limited to, firmware, resident software, microcode, etc. The functions performed by various components described herein may be implemented in other components or combinations of other components. For the purposes of this description, a computer-usable or computer readable medium can be any apparatus that can comprise, store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device.
[048] The illustrated steps are set out to explain the exemplary
embodiments shown, and it should be anticipated that ongoing technological
development will change the manner in which particular functions are performed.
These examples are presented herein for purposes of illustration, and not limitation.
Further, the boundaries of the functional building blocks have been arbitrarily
defined herein for the convenience of the description. Alternative boundaries can
be defined so long as the specified functions and relationships thereof are
appropriately performed. Alternatives (including equivalents, extensions,
variations, deviations, etc., of those described herein) will be apparent to persons skilled in the relevant art(s) based on the teachings contained herein. Such alternatives fall within the scope of the disclosed embodiments. Also, the words

“comprising,” “having,” “containing,” and “including,” and other similar forms are intended to be equivalent in meaning and be open ended in that an item or items following any one of these words is not meant to be an exhaustive listing of such item or items, or meant to be limited to only the listed item or items. It must also be noted that as used herein and in the appended claims, the singular forms “a,” “an,” and “the” include plural references unless the context clearly dictates otherwise.
[049] Furthermore, one or more computer-readable storage media may be utilized in implementing embodiments consistent with the present disclosure. A computer-readable storage medium refers to any type of physical memory on which information or data readable by a processor may be stored. Thus, a computer-readable storage medium may store instructions for execution by one or more processors, including instructions for causing the processor(s) to perform steps or stages consistent with the embodiments described herein. The term “computer-readable medium” should be understood to include tangible items and exclude carrier waves and transient signals, i.e., be non-transitory. Examples include random access memory (RAM), read-only memory (ROM), volatile memory, nonvolatile memory, hard drives, CD ROMs, DVDs, flash drives, disks, and any other known physical storage media.
[050] It is intended that the disclosure and examples be considered as exemplary only, with a true scope of disclosed embodiments being indicated by the following claims.

We Claim:
1. A processor implemented method (300) for validating security rights of streaming video files on internet enabled streaming devices, wherein the method comprises:
receiving (302), via the one or more hardware processors, a plurality of video files comprising a plurality of encrypted streaming packets, wherein, the plurality of video files are obtained from external sources comprising one or more video server;
analyzing (304), via the one or more hardware processors, to extract a manifest files from each encrypted streaming packet associated with each video file among the plurality of video files, for generating digital rights management test scripts;
dynamically generating (306), via the one or more hardware processors, digital rights management test script for each manifest file among the plurality of manifest files configured to a digital rights management engine using a video streaming workload technique; and
validating (308), via the one or more hardware processors, security rights of each manifest file by executing the dynamically generated digital rights management (DRM) test scripts on each video file utilizing a security rights validation mode comprising a digital rights management mode and a high definition content protection (HDCP),
wherein, validation of each manifest file using the digital rights management mode comprises,
computing, an aggregator level video metrics at aggregate level, to determine streaming bit rate with corresponding file size based on a plurality of aggregator parameters, computing a device level video metrics, at device level, to determine streaming bit rate

with corresponding file size based on a plurality of device parameters, and calculating, an average bit rate and an average file size for comparing the aggregator level video metrics with the device level video metrics. wherein, validation of each manifest file using the high definition content protection (HDCP) mode comprises,
computing, a high definition content
protection video metrics comprising a
streaming bit rate with its corresponding
video file size based on a plurality of high
definition content protection (HDCP)
compliant streaming devices and a plurality of high definition content protection non-compliant streaming devices, and calculating, the average bit rate and the average file size for comparing the high definition content protection (HDCP) video metrics at the streaming video device level.
2. The method as claimed in claim 1, wherein dynamically generating the digital rights management test scripts for each manifest file of the video file using the video streaming workload technique comprises:
initializing, the digital rights management engine and a test script recorder; and
processing, by the digital rights management engine, for each video file among the plurality of video files to,
assign, a unique content key for each video file; configure, for each video file, an authorization policy and an asset delivery policy; and

generate, for each video file, a total number of manifest files based on the configured authorization policy and the asset delivery policy.
3. The method as claimed in claim 1, wherein the validation of each manifest
file using the digital rights management mode, at aggregator level, by
computing the aggregator level video metrics based on the plurality of
aggregator parameters comprises:
initializing, a driver script and a total number of emulators;
performing, for each manifest file of each video file, the steps of:
executing, the digital rights management engine comprising the generated digital rights management test scripts on each video file; and
computing, the aggregator level video metrics for determining the streaming bit rate with its corresponding file size, wherein the aggregator level video metrics is the product of each video file, a total number of generated manifest files and a total number of emulator videos.
4. The method as claimed in claim 3, wherein the plurality of aggregator parameters comprises the video file, the total number of generated manifest files and the total number of emulator videos.
5. The method as claimed in claim 1, wherein the validation of each manifest file using the digital rights management mode, at device level, by computing an device level video metrics based on the plurality of device parameters comprises:
initializing, a total number of devices, a browser, a player and a
driver script; and
performing, for each manifest file of each video file, the steps of:

execute, the digital rights management engine comprising the generated digital rights management test scripts on each video file; and
compute, the aggregator level video metrics for determining the streaming bit rate with its corresponding file size based on a product of each video file, the total number of devices, the browsers, the players and the driver script.
6. The method as claimed in claim 5, wherein the plurality of device parameters comprises the video file, the total number of devices, total number browser, total number players and the driver script.
7. The method as claimed in claim 1, enabling the validation of each manifest file using the high definition content protection (HDCP) mode by computing the high definition content protection (HDCP) video metrics comprises:
initializing, a driver script and a high definition content protection (HDCP) decryptor and then randomize each video file; and performing, for each manifest file of each video file, the steps of:
execute, the digital rights management engine comprising the generated digital rights management test scripts on each video file; and
compute, the high definition content protection (HDCP) video metrics for determining the streaming bit rate with corresponding file size based on the product of each video file and the total number of manifest files.
8. The method as claimed in claim 1, wherein the average bit rate and the
average file size at digital rights management mode is calculated based on
a deviation obtained by comparing the aggregator level video metrics with
the device level video metrics.

9. The method as claimed in claim 1, wherein the average bit rate and the average file size at high definition content protection (HDCP) mode is calculated based on the deviation obtained by comparing the high definition content protection (HDCP) video metrics at device level between the compliant and non-compliant high definition content protection (HDCP) video streaming devices.
10. A system (100) for validating security rights of streaming video files on internet enabled streaming devices, the system (100) comprising:
a memory (102) storing instructions;
one or more Input/output (I/O) interfaces (106);
and one or more hardware processors (104) coupled to the memory (102)
via the one or more I/O interfaces (106), wherein the one or more hardware
processors (104) are configured by the instructions to:
receive (302), a plurality of video files comprising a plurality of encrypted streaming packets, wherein, the plurality of video files are obtained from external sources comprising one or more video server;
analyze (304), each encrypted streaming packet associated with each video file among the plurality of video files, to extract a manifest file for generating digital rights management test scripts;
dynamically generate (306), digital rights management test script for each manifest file among the plurality of manifest files configured to a digital rights management engine using a video streaming workload technique; and
validate (308), security rights of each manifest file by executing the dynamically generated digital rights management test scripts on each video file utilizing a security rights validation mode comprising a digital rights management (DRM) mode and a high definition content protection (HDCP),

wherein, validation of each manifest file using the digital rights management mode comprises,
computing an aggregator level video metrics at aggregate level, to determine streaming bit rate with corresponding file size based on a plurality of aggregator parameters,
computing a device level video metrics, at device level, to determine streaming bit rate with corresponding file size based on a plurality of device parameters, and
calculating, an average bit rate
and an average file size for comparing
the aggregator level video metrics
with the device level video metrics.
wherein, validation of each manifest file using the
high definition content protection (HDCP) mode
comprises,
computing, an high definition content
protection video metrics comprising a
streaming bit rate with its corresponding
video file size based on a plurality of high
definition content protection (HDCP)
compliant streaming devices and a plurality of high definition content protection non-compliant streaming devices, and
calculating, the average bit rate and the average file size for comparing the high definition content protection (HDCP) video metrics at the streaming video device level.

11. The system (100) as claimed in claim 10, wherein the one or more hardware
processors (104) is configured for dynamically generating the digital rights
management test scripts for each manifest file of the video file using the
video streaming workload technique comprises:
initializing, the digital rights management engine and a test script recorder; and
processing, by the digital rights management engine, for each video file among the plurality of video files to,
assign, a unique content key for each video file;
configure, for each video file, an authorization policy and an asset delivery policy; and
generate, for each video file, a total number of manifest files based on the configured authorization policy and the asset delivery policy.
12. The system (100) as claimed in claim 10, wherein the one or more hardware
processors (104) is configured for validation of each manifest file using the
digital rights management mode at aggregator level by computing the
aggregator level video metrics based on the plurality of aggregator
parameters comprises:
initializing, a driver script and a total number of emulators; performing, for each manifest file of each video file, the steps of:
executing, the digital rights management engine comprising the generated digital rights management test scripts on each video file; and
computing, the aggregator level video metrics for determining the streaming bit rate with its corresponding file size, wherein the aggregator level video metrics is the product of each video file, a total number of generated manifest files and a total number of emulator videos.

13. The system (100) as claimed in claim 12, wherein the plurality of aggregator parameters comprises the video file, the total number of generated manifest files and the total number of emulator videos.
14. The system (100) as claimed in claim 10, wherein the one or more hardware processors (104) is configured for wherein the validation of each manifest file using the digital rights management mode at device level by computing an device level video metrics based on the plurality of device parameters comprises:
initializing, a total number of devices, a browser, a player and a
driver script; and
performing, for each manifest file of each video file, the steps of:
execute, the digital rights management engine comprising the generated digital rights management test scripts on each video file; and
compute, the aggregator level video metrics for determining the streaming bit rate with its corresponding file size based on a product of each video file, a total number of devices, a browsers, a players and a driver script.
15. The system (100) as claimed in claim 10, wherein the plurality of device parameters comprises the video file, the total number of devices, the total number of browser, the total number players and the driver script.
16. The system (100) as claimed in claim 10, wherein the one or more hardware processors (104) is configured for enabling the validation of each manifest file using the high definition content protection (HDCP) mode by computing the high definition content protection (HDCP) video metrics comprises:
initializing, the driver script and a high definition content protection (HDCP) decryptor and then randomize each video file; and

performing, for each manifest file of each video file, the steps of:
execute, the digital rights management engine comprising the generated digital rights management test scripts on each video file; and
compute, the high definition content protection (HDCP) video metrics for determining the streaming bit rate with its corresponding file size based on the product of each video file and the total number of manifest files.
17. The system (100) as claimed in claim 10, wherein the one or more hardware processors (104) is configured for calculating the average bit rate and the average file size at digital rights management mode based on a deviation obtained by comparing the aggregator level video metrics with the device level video metrics.
18. The system (100) as claimed in claim 10, wherein the one or more hardware processors (104) is configured for calculating the average bit rate and the average file size at high definition content protection (HDCP) mode based on the deviation obtained by comparing the high definition content protection (HDCP) video metrics at device level between the compliant and non-compliant high definition content protection (HDCP) video streaming devices.